comparison mod_http_oauth2/mod_http_oauth2.lua @ 6244:b7eb7d256939

mod_http_oauth2: Return instead of throwing errors error() or assert() does not get handled correctly
author Kim Alvefur <zash@zash.se>
date Tue, 03 Jun 2025 17:20:52 +0200
parents 5b269511ade7
children 7e4238d2989c
comparison
equal deleted inserted replaced
6243:5b269511ade7 6244:b7eb7d256939
408 408
409 function grant_type_handlers.password(params, client) 409 function grant_type_handlers.password(params, client)
410 local request_username 410 local request_username
411 411
412 if expect_username_jid then 412 if expect_username_jid then
413 local request_jid = assert(params.username, oauth_error("invalid_request", "missing 'username' (JID)")); 413 local request_jid = params.username;
414 if not request_jid then
415 return oauth_error("invalid_request", "missing 'username' (JID)");
416 end
414 local _request_username, request_host = jid.prepped_split(request_jid); 417 local _request_username, request_host = jid.prepped_split(request_jid);
415 418
416 if not (_request_username and request_host) or request_host ~= module.host then 419 if not (_request_username and request_host) or request_host ~= module.host then
417 return oauth_error("invalid_request", "invalid JID"); 420 return oauth_error("invalid_request", "invalid JID");
418 end 421 end
419 422
420 request_username = _request_username 423 request_username = _request_username
421 else 424 else
422 request_username = assert(params.username, oauth_error("invalid_request", "missing 'username'")); 425 request_username = params.username;
423 end 426 if not request_username then
424 427 return oauth_error("invalid_request", "missing 'username'");
425 local request_password = assert(params.password, oauth_error("invalid_request", "missing 'password'")); 428 end
429 end
430
431 local request_password = params.password;
432 if not request_password then
433 return oauth_error("invalid_request", "missing 'password'");
434 end
426 435
427 if not usermanager.test_password(request_username, module.host, request_password) then 436 if not usermanager.test_password(request_username, module.host, request_password) then
428 return oauth_error("invalid_grant", "incorrect credentials"); 437 return oauth_error("invalid_grant", "incorrect credentials");
429 end 438 end
430 439
721 730
722 if module:get_host_type() == "component" then 731 if module:get_host_type() == "component" then
723 local component_secret = assert(module:get_option_string("component_secret"), "'component_secret' is a required setting when loaded on a Component"); 732 local component_secret = assert(module:get_option_string("component_secret"), "'component_secret' is a required setting when loaded on a Component");
724 733
725 function grant_type_handlers.password(params) 734 function grant_type_handlers.password(params)
726 local request_jid = assert(params.username, oauth_error("invalid_request", "missing 'username' (JID)")); 735 local request_jid = params.username;
727 local request_password = assert(params.password, oauth_error("invalid_request", "missing 'password'")); 736 if not request_jid then
737 return oauth_error("invalid_request", "missing 'username' (JID)");
738 end
739 local request_password = params.password
740 if not request_password then
741 return oauth_error("invalid_request", "missing 'password'");
742 end
728 local request_username, request_host, request_resource = jid.prepped_split(request_jid); 743 local request_username, request_host, request_resource = jid.prepped_split(request_jid);
729 if params.scope then 744 if params.scope then
730 -- TODO shouldn't we support scopes / roles here? 745 -- TODO shouldn't we support scopes / roles here?
731 return oauth_error("invalid_scope", "unknown scope requested"); 746 return oauth_error("invalid_scope", "unknown scope requested");
732 end 747 end